Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Originally Posted by Herecius

I think it's hilarious that people will go to such extreme lengths to get past the authenticator with this method just to get into a WoW account... when banks use the same authenticator tech to protect vaults.

Doing that to a bank can land you in prison for a long time.

Hacking into a WoW account won't. However thanks to people who buy gold, WoW accounts have some monetary value so it's "safe."

Of course, that doesn't mean banks don't get hacked. Though I'm sure banks have much tighter security.

Basically a fake WoWMatrix that google recommends (!), as well as a fake Curse and other specific addon sites. So I believe you still have to download something from these bogus sites to get it. What I don't like is that the first victim's NOD32 and anti spyware didn't pick up on it at all.

Moral of the story is use your bookmarks and hope the legit sites never get hacked, and if you have to google one then triple check the url, and don't trust the sponsored links.

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Buy a Mac.

Ouch. Do you think when the majority buys a Mac "hackers" will focus on Mac? Take IE for example its not just because Microsoft tends to slack at security its also because a lot of people are using it as it is the standard windows brower.

At least Blizzard is being honest. Most of the time they dont say a word about things like that and surely none of their tools can fail. "i got hacked" "well, delete WTF folder and addons"

Ofc nothing is 100% safe, that must be understand. But i didnt think anyone would bother doing so much for a WoW account. Well i dont know its real worth but i thought the prices dumped because gear is so easy to get and people are richer than ever before.

Who needs gameplay when you have ACHIEVEMENTS? Don't worry about beating levels, finding ways to kill enemies, or beating the final boss... there are none. Focus solely on your ultimate destiny... doing random tasks that have nothing to do with anything. Metagame yourself with ease! Self-satisfaction never felt so... artificial!

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

I can write a man in the middle attack for WoW on OSX as well, if you like. (Or any other OS for that sake).
You just have to download it in the first place, likewise on Windows. Get the picture?

Making the authenticator secure against man in the middle attacks is trivial. Blizzard hasn't released details of the attack, but it's unlikely to be a real man in the middle attack (given that the authenticator is a 3rd party product designed by people who should know what they're doing - unlike Blizzard). Instead, the attack likely relies on the attacker being able to modify the client endpoint rather than only being able to observe and modify bits on the wire. There is nothing that can be done to stop such an attack on any OS.

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Question, if you waited for the last say 10-15 seconds off your authenticator code then entered it before it changed wouldnt you still be perfectly safe? As by the time they get the code and use what ever bot to get into your account a new code will be needed?

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Btw, it's fine for people to refer to it as a 'virus', although it doesn't have the characteristics of one, people have been using the word in this context so much that it's just become generally acceptable for any type of malware, at least outside of professional areas.

Originally Posted by Atallicus

I'm super new to mac's, is there something I should be looking for here? I know I won't find a .dll so does that mean I'm safe? Sorry for a newbie question

DLL's are for Windows operating systems, so you are indeed fine for this trojan.

Originally Posted by Yoe

Question, if you waited for the last say 10-15 seconds off your authenticator code then entered it before it changed wouldnt you still be perfectly safe? As by the time they get the code and use what ever bot to get into your account a new code will be needed?

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

The only reason people try to hack them less is because the majority of home users (the targets of hacks) are on PCs.

Bit of a contradiction there,

If the only reason people try to hack them less is because the majority of home users are on pc's (you mean windows), then macs ARE safer because they're being targeted less, however the whole popularity contest is a flawed and dumb reason that only idiots use.

Originally Posted by Ryoushii

Btw, it's fine for people to refer to it as a 'virus', although it doesn't have the characteristics of one, people have been using the word in this context so much that it's just become generally acceptable for any type of malware, at least outside of professional areas.

No it's NOT, excusing people for being fucking dumb is not a valid reason to keep using the incorrect term, half of this shit happens because of dumb fucking people who can't put 1+1 together.

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

Originally Posted by Ryoushii

Btw, it's fine for people to refer to it as a 'virus', although it doesn't have the characteristics of one, people have been using the word in this context so much that it's just become generally acceptable for any type of malware, at least outside of professional areas.

DLL's are for Windows operating systems, so you are indeed fine for this trojan.

Re: Authenticator Accounts Hacked, ICC Quests, Crimson Deathcharger

If the only reason people try to hack them less is because the majority of home users are on pc's (you mean windows), then macs ARE safer because they're being targeted less

The majority of viruses target a computer; they don't care whether it's a mac or a windows pc.
There are a number of viruses that specifically target windows pcs. This is a very small number relative to the total number of viruses that exist.